sebres
f6d0c86533
test cases extended: flush jail in database
2018-01-09 12:16:37 +01:00
sebres
2c69c0e7e5
flush jail in database: bulk remove of all IPs in the database (e. g. reload --unban).
2018-01-09 12:15:56 +01:00
Yannik Sembritzki
aab54bb0dd
don't replace normal test case with specialized test case
2018-01-08 22:29:43 +01:00
Yannik Sembritzki
94f0b15c32
Allow faster parsing of hosts without ' characters in them
2018-01-08 14:54:32 +01:00
Yannik Sembritzki
eaf5e88692
replace actual offenders ip with 1.2.3.4
2018-01-03 19:00:09 +01:00
Yannik Sembritzki
184202c6aa
remove duplicate testcase
2018-01-03 18:49:38 +01:00
Yannik Sembritzki
a53ee46ad4
add test for asterisk pjsip attack with quote in username
2018-01-03 18:48:11 +01:00
Yannik Sembritzki
b28dfb965a
Fix filter not catching asterisk requests with quote character in username ( fixes #2010 )
2018-01-03 18:39:30 +01:00
sebres
1e39c2600c
cherry-pick from 0.11: changes in updateDb because it can be executed after repair, and some tables can be missing.
2017-12-22 17:21:11 +01:00
sebres
277edd5fe5
amend to pull request #2004 : merge remote-tracking branch 'sebres/auto-repair-database' into 0.10
2017-12-22 16:21:22 +01:00
sebres
ab3d03beec
Better variant of repair database: recreate all tables/indices, that can be missing after supposedly successful rescue
2017-12-22 16:13:57 +01:00
Serg G. Brester
75f00a3a6c
Merge pull request #2004 from sebres/auto-repair-database
...
Automatically recover or recreate corrupt persistent database
2017-12-22 14:31:25 +01:00
Serg G. Brester
b104da2800
Merge pull request #2005 from sebres/0.10
...
Stability fix for fail2banclienttestcase, avoid sporadic coverage decrease.
2017-12-22 14:27:20 +01:00
sebres
a10d544ddc
coverage: fix another sporadic coverage decrease, if idle mode never reached in some test-cases (e. g. by slowly reloading of jails).
2017-12-22 14:12:19 +01:00
sebres
80932af406
coverage: testErrorsInLoop should avoid sporadic coverage changes, if some communication errors not occurred sometimes.
2017-12-22 13:29:35 +01:00
sebres
a1fd2c507e
method `waitForServerEnd` renamed into `stopAndWaitForServerEnd` (because will also stop the server)
2017-12-22 13:00:29 +01:00
sebres
1ad587ac7c
Stability fix for fail2banclienttestcase:
...
- provide waitForServerEnd method for decorator `with_foreground_server_thread`, to wait for real server stop if needed;
- accept any exit code in decorator `with_foreground_server_thread`, because multi-threaded, thus server can exit in-between;
- fix sporadic fail "AssertionError: 'Banned 5 / 5, 5 ticket(s)' was not found" (if some tickets will be processed earlier,
thus not as chunk but separately), so in case of:
Banned 1 / 1, 1 ticket(s) in 'nginx-blck-lst'
Banned 4 / 5, 5 ticket(s) in 'nginx-blck-lst'
2017-12-22 12:36:01 +01:00
Serg G. Brester
2d23f35d26
Update ChangeLog
...
typo: missing newline restored.
2017-12-21 22:50:54 +01:00
sebres
79443210ad
Update ChangeLog
2017-12-21 22:49:57 +01:00
sebres
9374de59f3
Automatically recover or recreate corrupt persistent database (e. g. if failed to open with 'database disk image is malformed').
...
Closes #1465
2017-12-21 22:38:54 +01:00
Serg G. Brester
61109d5c4f
Merge pull request #1996 from meke/firewallcmd-new_actioncheck_error
...
firewallcmd-new actioncheck Error
2017-12-09 15:59:40 +01:00
root
79f414c6a2
fix <family> typo
2017-12-09 15:55:45 +01:00
root
7c63eb2378
In the CentOS7 and epel environment, result of "firewall-cmd -direct -get -chains ipv4 filter" is displayed one line
...
Changed to be multiple lines with reference to firewallcmd-multiport.conf
2017-12-09 15:55:45 +01:00
Serg G. Brester
95a87077f7
Merge pull request #1995 from sebres/firewallcmd-ipset-flush
...
action.d/firewallcmd-ipset.conf: extended with actionflush to bulk unban resp. flush ipset
2017-12-06 11:43:01 +01:00
sebres
bf6667d4da
better (sane) stop server handling, AsyncServer.stop_communication back-ported to 0.10 (cherry-picked from 0.11);
2017-12-06 01:38:39 +01:00
sebres
6ccaa03e00
action.d/firewallcmd-ipset.conf: extended with actionflush to bulk unban resp. flush ipset
2017-12-06 01:10:56 +01:00
sebres
aa9cefc3f8
proper stop server in the test cases (quit should stop all server-side threads, also if server was not really started);
...
fix-up for run_with_except_hook: avoid very sporadic error "'NoneType' object has no attribute 'exc_info'" (https://bugs.python.org/issue7336 ),
only extremely fast systems are affected ATM (2.x / 3.x), if thread ends nothing is available in .
2017-12-06 01:09:04 +01:00
sebres
2712f72650
Merge remote-tracking branch 'master' into 0.10
2017-12-06 00:09:52 +01:00
Serg G. Brester
ad658a0a95
Merge pull request #1989 from sebres/logging-options
...
New server logging options
2017-12-06 00:07:51 +01:00
Serg G. Brester
f96761927d
Merge pull request #1969 from RaidForums/patch-1
...
Update nginx-limit-req filter.
2017-12-05 23:51:18 +01:00
sebres
cc9ff31c9c
Update ChangeLog: `action.d/firewallcmd-ipset.conf`: fixed create of set for ipv6 (missing `family inet6`, gh-1990)
2017-12-05 23:35:34 +01:00
sebres
e384acca5f
action.d/firewallcmd-ipset.conf: fixed create of set for ipv6 (missing `family inet6`)
2017-12-05 23:34:03 +01:00
Kevin Maradona
6c705d572b
filter.d/nginx-limit-req.conf: nginx limit-req log-level can be set to warn or error therefore having this regex will include both of them.
2017-12-05 22:31:54 +01:00
sebres
55143ce1d9
coverage increase
2017-12-05 19:32:13 +01:00
sebres
f9833ddee4
Update ChangeLog
2017-12-05 18:55:47 +01:00
sebres
1bf6636446
Introduced new parameters for logging within fail2ban-server;
...
Usage `logtarget = target[facility=..., datetime=on|off, format="..."]`:
- `facility` - specify syslog facility (default `daemon`, see https://docs.python.org/2/library/logging.handlers.html#sysloghandler
for the list of facilities);
- `datetime` - add date-time to the message (default on, ignored if `format` specified);
- `format` - specify own format how it will be logged, for example for short-log into STDOUT:
`fail2ban-server -f --logtarget 'stdout[format="%(relativeCreated)5d | %(message)s"]' start`;
Closes gh-1980
2017-12-05 18:54:21 +01:00
sebres
de97dedba0
move extractOptions from JailReader to helpers (common usage server- / client-side);
2017-12-05 17:49:22 +01:00
Serg G. Brester
ff987b60cd
Merge pull request #1988 from sebres/exim-aggressive
...
Exim aggressive
2017-12-05 17:30:10 +01:00
Serg G. Brester
b0ba1aa846
Update ChangeLog
2017-12-05 16:24:04 +01:00
sebres
ffd6b9f6de
jail.conf: extended with new parameter `mode` for the filters supporting it;
2017-12-05 16:09:18 +01:00
sebres
2b68882502
filter.d/exim.conf: provides mode "aggressive" to ban flood resp. DDOS-similar failures;
...
Closes #1983
2017-12-05 16:07:53 +01:00
sebres
7f89fbc33f
Merge remote-tracking branch 'remotes/gh-upstream/master' into 0.10
2017-12-01 15:53:11 +01:00
Serg G. Brester
f834e7826d
Merge pull request #1979 from peternowee/fix-exim-lowercase-auth
...
Exim failregex: Include lower/mixed case AUTH
2017-12-01 15:22:09 +01:00
Peter Nowee
e4bbaf3d58
Update ChangeLog
2017-12-01 15:01:48 +01:00
Serg G. Brester
f1c89f6631
Merge pull request #1981 from sebres/datedetector-dual-space
...
datedetector: extended default date-patterns (allows extra space between the date and time stamps)
2017-12-01 10:48:00 +01:00
sebres
5547697401
ChangeLog and typo
2017-12-01 10:16:14 +01:00
sebres
2e437937c3
datedetector: extended default date-patterns (allows extra space between the date and time stamps);
...
* introduces 2 new format directives (with corresponding `%Ex` prefix for more precise parsing):
- %k - one- or two-digit number giving the hour of the day (0-23) on a 24-hour clock,
(corresponds %H, but allows space if not zero-padded).
- %l - one- or two-digit number giving the hour of the day (12-11) on a 12-hour clock,
(corresponds %I, but allows space if not zero-padded).
* mysqld-auth test extended to cover new date-format in log.
Closes gh-1639
2017-11-30 17:06:37 +01:00
Serg G. Brester
cbd63d9cd5
added test to cover quoted injecting on AUTH command
2017-11-30 12:45:11 +01:00
Serg G. Brester
4f63180611
Avoid injection using quotes after `auth` command;
...
Added non-greedy fallback for quoted something (with lookahead simulated possessive greedy catch of non-quoted parts `[^"]*(?=")`).
Note that because host-info's are hereafter (with foreign input in-between), we would not use greedy or non-greedy catch-alls (`.*` or `.*?`) here (preventing performance losses).
2017-11-30 12:32:24 +01:00
Serg G. Brester
f59df2e156
Avoid any injecting on protocol (e. g. tries using camel-case)
...
The phrase "AUTH command used when not advertised" is precise enough as anchor here, so prevent by any foreign-input (any auth protocol error).
2017-11-29 20:55:48 +01:00